Debian 8.10 megjelenés, Debian GNU/Linux 8 “Jessie” frissítés

Debian 8.10 megjelenés, Debian GNU/Linux 8 “Jessie” frissítés

Megjelent az új GNU/Linux, a Debian 8.10-es verziója, A “Jessie” kódnévre keresztelt linux disztribúció megjelenésével az első debian, amelyik a systemd-s initet tartalmazza. Két új architektúra támogatottsága is bekerült a Debian 8-ba, így már arm64 és ppc64-el  architektúrákon is futtatható a az új stabil debian.

Nagyon sok verzióban tölthető le a Debian Jessie, a szokásos architektúrákban, 32bites és 64bites verzióban, teljes DVD set, CD image. live DVD, a leggyakoribb Desktop verziókban, és a szokásos minimális “net-install” verziót is ingyen használhatjuk.

A Debian 8.10 linux frissítései, javítások

+---------------------------+-----------------------------------------+
| Package                   | Reason                                  |
+---------------------------+-----------------------------------------+
| bareos [1]                | Fix permissions of bareos-dir logrotate |
|                           | config; fix file corruption when using  |
|                           | SHA1 signature                          |
|                           |                                         |
| base-files [2]            | Update for the point release            |
|                           |                                         |
| bind9 [3]                 | Import upcoming DNSSEC KSK-2017         |
|                           |                                         |
| cups [4]                  | Disable SSLv3 and RC4 by default to     |
|                           | address POODLE vulnerability            |
|                           |                                         |
| db [5]                    | Do not access DB_CONFIG when db_home is |
|                           | not set [CVE-2017-10140]                |
|                           |                                         |
| db5.3 [6]                 | Do not access DB_CONFIG when db_home is |
|                           | not set [CVE-2017-10140]                |
|                           |                                         |
| debian-installer [7]      | Rebuild for the point release           |
|                           |                                         |
| debian-installer-netboot- | Rebuild for the point release           |
| images [8]                |                                         |
|                           |                                         |
| debmirror [9]             | Tolerate unknown lines in *.diff/Index; |
|                           | mirror DEP-11 metadata files; prefer xz |
|                           | over gz, and cope with either being     |
|                           | missing; mirror and validate InRelease  |
|                           | files                                   |
|                           |                                         |
| dns-root-data [10]        | Update root.hints to 2017072601         |
|                           | version; add KSK-2017 to root.key file  |
|                           |                                         |
| dput [11]                 | dput.cf: replace security-              |
|                           | master.debian.org with                  |
|                           | ftp.upload.security.debian.org          |
|                           |                                         |
| dwww [12]                 | Fix  "Last-Modified"  header name       |
|                           |                                         |
| elog [13]                 | Update patch 0005_elogd_CVE-2016-       |
|                           | 6342_fix to grant access as normal user |
|                           |                                         |
| flightgear [14]           | Fix arbitrary file overwrite            |
|                           | vulnerability [CVE-2017-13709]          |
|                           |                                         |
| gsoap [15]                | Fix integer overflow via large XML      |
|                           | document [CVE-2017-9765]                |
|                           |                                         |
| hexchat [16]              | Fix segmentation fault following /      |
|                           | server command                          |
|                           |                                         |
| icu [17]                  | Fix double free in                      |
|                           | createMetazoneMappings() [CVE-2017-     |
|                           | 14952]                                  |
|                           |                                         |
| kdepim [18]               | Fix  "send Later with Delay bypasses    |
|                           | OpenPGP"  [CVE-2017-9604]               |
|                           |                                         |
| kedpm [19]                | Fix information leak via command        |
|                           | history file [CVE-2017-8296]            |
|                           |                                         |
| keyringer [20]            | Handle subkeys without expiration date  |
|                           | and public keys listed multiple times   |
|                           |                                         |
| krb5 [21]                 | Security fixes - remote authenticated   |
|                           | attackers can crash the KDC [CVE-2017-  |
|                           | 11368]; kdc crash on                    |
|                           | restrict_anon_to_tgt [CVE-2016-3120];   |
|                           | remote DOS with ldap for authenticated  |
|                           | attackers [CVE-2016-3119]; prevent      |
|                           | requires_preauth bypass [CVE-2015-2694] |
|                           |                                         |
| libdatetime-timezone-     | Update included data                    |
| perl [22]                 |                                         |
|                           |                                         |
| libdbi [23]               | Re-enable error handler call in         |
|                           | dbi_result_next_row()                   |
|                           |                                         |
| libembperl-perl [24]      | Change hard dependency on mod_perl in   |
|                           | zembperl.load to Recommends, fixing an  |
|                           | installation failure when libapache2-   |
|                           | mod-perl2 is not installed              |
|                           |                                         |
| libio-socket-ssl-         | Fix segfault using malformed client     |
| perl [25]                 | certificates                            |
|                           |                                         |
| liblouis [26]             | Fix multiple stack-based buffer         |
|                           | overflows [CVE-2014-8184]               |
|                           |                                         |
| libofx [27]               | Security fixes [CVE-2017-2816 CVE-2017- |
|                           | 14731]                                  |
|                           |                                         |
| libwnckmm [28]            | Tighten dependencies between packages;  |
|                           | use jquery.js from libjs-jquery         |
|                           |                                         |
| libwpd [29]               | Security fix [CVE-2017-14226]           |
|                           |                                         |
| libx11 [30]               | Fix  "insufficient validation of data   |
|                           | from the X server can cause out of      |
|                           | boundary memory read (XGetImage()) or   |
|                           | write (XListFonts())"  [CVE-2016-7942   |
|                           | CVE-2016-7943]                          |
|                           |                                         |
| libxfixes [31]            | Fix integer overflow on illegal server  |
|                           | response [CVE-2016-7944]                |
|                           |                                         |
| libxi [32]                | Fix  "insufficient validation of data   |
|                           | from the X server can cause out of      |
|                           | boundary memory access or endless       |
|                           | loops"  [CVE-2016-7945 CVE-2016-7946]   |
|                           |                                         |
| libxrandr [33]            | Avoid out of boundary accesses on       |
|                           | illegal responses [CVE-2016-7947        |
|                           | CVE-2016-7948]                          |
|                           |                                         |
| libxtst [34]              | Fix  "insufficient validation of data   |
|                           | from the X server can cause out of      |
|                           | boundary memory access or endless       |
|                           | loops"  [CVE-2016-7951 CVE-2016-7952]   |
|                           |                                         |
| libxv [35]                | Fix protocol handling issues in libXv   |
|                           | [CVE-2016-5407]                         |
|                           |                                         |
| libxvmc [36]              | Avoid buffer underflow on empty strings |
|                           | [CVE-2016-7953]                         |
|                           |                                         |
| linux [37]                | New stable kernel version 3.16.51       |
|                           |                                         |
| ncurses [38]              | Fix various crash bugs in the tic       |
|                           | library and the tic binary [CVE-2017-   |
|                           | 10684 CVE-2017-10685 CVE-2017-11112     |
|                           | CVE-2017-11113 CVE-2017-13728 CVE-2017- |
|                           | 13729 CVE-2017-13730 CVE-2017-13731     |
|                           | CVE-2017-13732 CVE-2017-13734 CVE-2017- |
|                           | 13733]                                  |
|                           |                                         |
| openssh [39]              | Test configuration before starting or   |
|                           | reloading sshd under systemd; make      |
|                           | "--"  before the hostname terminate     |
|                           | argument processing after the hostname  |
|                           | too                                     |
|                           |                                         |
| pdns [40]                 | Add missing check on API operations     |
|                           | [CVE-2017-15091]                        |
|                           |                                         |
| pdns-recursor [41]        | Fix configuration file injection in the |
|                           | API [CVE-2017-15093]                    |
|                           |                                         |
| postgresql-9.4 [42]       | New upstream bugfix release             |
|                           |                                         |
| python-tablib [43]        | Securely load YAML [CVE-2017-2810]      |
|                           |                                         |
| request-tracker4 [44]     | Fix regression in previous security     |
|                           | release where incorrect SHA256          |
|                           | passwords could trigger an error        |
|                           |                                         |
| ruby-ox [45]              | Avoid crash with invalid XML passed to  |
|                           | Oj.parse_obj() [CVE-2017-15928]         |
|                           |                                         |
| sam2p [46]                | Fix several integer overflow or heap-   |
|                           | based buffer overflow issues [CVE-2017- |
|                           | 14628 CVE-2017-14629 CVE-2017-14630     |
|                           | CVE-2017-14631 CVE-2017-14636 CVE-2017- |
|                           | 14637 CVE-2017-16663]                   |
|                           |                                         |
| slurm-llnl [47]           | Fix security issue caused by insecure   |
|                           | file path handling triggered by the     |
|                           | failure of a Prolog script [CVE-2016-   |
|                           | 10030]                                  |
|                           |                                         |
| sudo [48]                 | Fix arbitrary terminal access           |
|                           | [CVE-2017-1000368]                      |
|                           |                                         |
| syslinux [49]             | Fix boot problem for old BIOS firmware  |
|                           | by correcting C/H/S order               |
|                           |                                         |
| tor [50]                  | Add  "Bastet"  directory authority;     |
|                           | update geoip and geoip6 to the October  |
|                           | 4 2017 Maxmind GeoLite2 country         |
|                           | database; fix a memset() off the end of |
|                           | an array when packing cells             |
|                           |                                         |
| transfig [51]             | Add input sanitisation on FIG files     |
|                           | [CVE-2017-16899]; sanitize input of     |
|                           | fill patterns                           |
|                           |                                         |
| tzdata [52]               | New upstream release                    |
|                           |                                         |
| unbound [53]              | Fix install of trust anchor when two    |
|                           | anchors are present; include root trust |
|                           | anchor id 20326                         |
|                           |                                         |
| weechat [54]              | "logger: call strftime before replacing |
|                           | buffer local variables"  [CVE-2017-     |
|                           | 14727]                                  |
|                           |                                         |
+---------------------------+-----------------------------------------+

A Debian 8.10 linux biztonsági frissítések

----------------

This revision adds the following security updates to the oldstable
release. The Security Team has already released an advisory for each of
these updates:

+----------------+----------------------------+
| Advisory ID    | Package                    |
+----------------+----------------------------+
| DSA-3904 [55]  | bind9 [56]                 |
|                |                            |
| DSA-3908 [57]  | nginx [58]                 |
|                |                            |
| DSA-3909 [59]  | samba [60]                 |
|                |                            |
| DSA-3913 [61]  | apache2 [62]               |
|                |                            |
| DSA-3914 [63]  | imagemagick [64]           |
|                |                            |
| DSA-3916 [65]  | atril [66]                 |
|                |                            |
| DSA-3917 [67]  | catdoc [68]                |
|                |                            |
| DSA-3921 [69]  | enigmail [70]              |
|                |                            |
| DSA-3922 [71]  | mysql-5.5 [72]             |
|                |                            |
| DSA-3924 [73]  | varnish [74]               |
|                |                            |
| DSA-3928 [75]  | firefox-esr [76]           |
|                |                            |
| DSA-3929 [77]  | libsoup2.4 [78]            |
|                |                            |
| DSA-3930 [79]  | freeradius [80]            |
|                |                            |
| DSA-3932 [81]  | subversion [82]            |
|                |                            |
| DSA-3933 [83]  | pjproject [84]             |
|                |                            |
| DSA-3934 [85]  | git [86]                   |
|                |                            |
| DSA-3935 [87]  | postgresql-9.4 [88]        |
|                |                            |
| DSA-3937 [89]  | zabbix [90]                |
|                |                            |
| DSA-3938 [91]  | libgd2 [92]                |
|                |                            |
| DSA-3939 [93]  | botan1.10 [94]             |
|                |                            |
| DSA-3940 [95]  | cvs [96]                   |
|                |                            |
| DSA-3942 [97]  | supervisor [98]            |
|                |                            |
| DSA-3943 [99]  | gajim [100]                |
|                |                            |
| DSA-3945 [101] | linux [102]                |
|                |                            |
| DSA-3946 [103] | libmspack [104]            |
|                |                            |
| DSA-3947 [105] | newsbeuter [106]           |
|                |                            |
| DSA-3948 [107] | ioquake3 [108]             |
|                |                            |
| DSA-3949 [109] | augeas [110]               |
|                |                            |
| DSA-3950 [111] | libraw [112]               |
|                |                            |
| DSA-3951 [113] | smb4k [114]                |
|                |                            |
| DSA-3952 [115] | libxml2 [116]              |
|                |                            |
| DSA-3956 [117] | connman [118]              |
|                |                            |
| DSA-3958 [119] | fontforge [120]            |
|                |                            |
| DSA-3960 [121] | gnupg [122]                |
|                |                            |
| DSA-3961 [123] | libgd2 [124]               |
|                |                            |
| DSA-3962 [125] | strongswan [126]           |
|                |                            |
| DSA-3963 [127] | mercurial [128]            |
|                |                            |
| DSA-3964 [129] | asterisk [130]             |
|                |                            |
| DSA-3969 [131] | xen [132]                  |
|                |                            |
| DSA-3970 [133] | emacs24 [134]              |
|                |                            |
| DSA-3971 [135] | tcpdump [136]              |
|                |                            |
| DSA-3972 [137] | bluez [138]                |
|                |                            |
| DSA-3973 [139] | wordpress-shibboleth [140] |
|                |                            |
| DSA-3974 [141] | tomcat8 [142]              |
|                |                            |
| DSA-3976 [143] | freexl [144]               |
|                |                            |
| DSA-3977 [145] | newsbeuter [146]           |
|                |                            |
| DSA-3978 [147] | gdk-pixbuf [148]           |
|                |                            |
| DSA-3979 [149] | pyjwt [150]                |
|                |                            |
| DSA-3980 [151] | apache2 [152]              |
|                |                            |
| DSA-3981 [153] | linux [154]                |
|                |                            |
| DSA-3982 [155] | perl [156]                 |
|                |                            |
| DSA-3983 [157] | samba [158]                |
|                |                            |
| DSA-3984 [159] | git [160]                  |
|                |                            |
| DSA-3986 [161] | ghostscript [162]          |
|                |                            |
| DSA-3987 [163] | firefox-esr [164]          |
|                |                            |
| DSA-3988 [165] | libidn2-0 [166]            |
|                |                            |
| DSA-3989 [167] | dnsmasq [168]              |
|                |                            |
| DSA-3990 [169] | asterisk [170]             |
|                |                            |
| DSA-3992 [171] | curl [172]                 |
|                |                            |
| DSA-3995 [173] | libxfont [174]             |
|                |                            |
| DSA-3997 [175] | wordpress [176]            |
|                |                            |
| DSA-3998 [177] | nss [178]                  |
|                |                            |
| DSA-3999 [179] | wpa [180]                  |
|                |                            |
| DSA-4000 [181] | xorg-server [182]          |
|                |                            |
| DSA-4002 [183] | mysql-5.5 [184]            |
|                |                            |
| DSA-4004 [185] | jackson-databind [186]     |
|                |                            |
| DSA-4006 [187] | mupdf [188]                |
|                |                            |
| DSA-4007 [189] | curl [190]                 |
|                |                            |
| DSA-4008 [191] | wget [192]                 |
|                |                            |
| DSA-4011 [193] | quagga [194]               |
|                |                            |
| DSA-4012 [195] | libav [196]                |
|                |                            |
| DSA-4013 [197] | openjpeg2 [198]            |
|                |                            |
| DSA-4016 [199] | irssi [200]                |
|                |                            |
| DSA-4018 [201] | openssl [202]              |
|                |                            |
| DSA-4021 [203] | otrs2 [204]                |
|                |                            |
| DSA-4022 [205] | libreoffice [206]          |
|                |                            |
| DSA-4025 [207] | libpam4j [208]             |
|                |                            |
| DSA-4026 [209] | bchunk [210]               |
|                |                            |
| DSA-4027 [211] | postgresql-9.4 [212]       |
|                |                            |
| DSA-4029 [213] | postgresql-common [214]    |
|                |                            |
| DSA-4033 [215] | konversation [216]         |
|                |                            |
| DSA-4035 [217] | firefox-esr [218]          |
|                |                            |
| DSA-4037 [219] | jackson-databind [220]     |
|                |                            |
| DSA-4038 [221] | shibboleth-sp2 [222]       |
|                |                            |
| DSA-4039 [223] | opensaml2 [224]            |
|                |                            |
| DSA-4040 [225] | imagemagick [226]          |
|                |                            |
| DSA-4041 [227] | procmail [228]             |
|                |                            |
| DSA-4042 [229] | libxml-libxml-perl [230]   |
|                |                            |
| DSA-4043 [231] | samba [232]                |
|                |                            |
| DSA-4045 [233] | vlc [234]                  |
|                |                            |
| DSA-4046 [235] | libspring-ldap-java [236]  |
|                |                            |
| DSA-4047 [237] | otrs2 [238]                |
|                |                            |
| DSA-4051 [239] | curl [240]                 |
|                |                            |
| DSA-4052 [241] | bzr [242]                  |
|                |                            |
+----------------+----------------------------+

No Comments.

Leave a Reply